OSSA-2013-023: Denial of Service using XML entities in Nova/Cinder extensions¶
August 08, 2013
Nova: Grizzly and later
Cinder: Grizzly and later
Grant Murphy from Red Hat reported that vulnerabilities in XML request parsers were not fully patched in OSSA 2013-004. By leveraging XML entity expansion in specific extensions, an unauthenticated attacker may still consume excessive resources on the Nova (CVE-2013-4179) or Cinder (CVE-2013-4202) API servers, resulting in a denial of service and potentially a crash. Only Nova setups making use of the security group extension in Grizzly are affected. Only Cinder setups making use of the backups or volume transfer API extension in Grizzly are affected.
Grant Murphy from Red Hat (CVE-2013-4179, CVE-2013-4202)